Security + Chapter 1 System Security
Security Plus
- 1.
Programming errors that may result i system compromise, allowing someone to gain unauthorized privileges and the intruder can function as the administrator is called what?
- A.
Privilege Escalation
- B.
Buffer Overflow
- C.
Virus
- D.
Malware infection
- E.
None of the above
Correct Answer
A. Privilege EscalationExplanation
A. Program may have flawed code which crashes the pc and provides the intruder with the rights to intrude and function as the user and or admin.Rate this question:
-
- 2.
The most popular method of privilege escalation is what ?
- A.
Malware Infection
- B.
Buffer Infection
- C.
Buffer Overflow `
- D.
Trojan Virus
- E.
Win 32
Correct Answer
C. Buffer Overflow `Explanation
Buffer overflow causes disruption of service and lost data. This condition occurs when the data presented to an application or service exceeds the storage space.Rate this question:
-
- 3.
What is a Boot Sector virus ?
- A.
A virus that infects executable program files and becomes active the memory
- B.
Type of virus that is placed into the first sector of the hardrive so that when the computer boots the virus loads into memory
- C.
Type of virus uses techniques to avoid detection such as temporarily removing itself from infected files
Correct Answer
B. Type of virus that is placed into the first sector of the hardrive so that when the computer boots the virus loads into memoryExplanation
A boot sector virus is a type of virus that is placed into the first sector of the hard drive. When the computer boots up, the virus loads into memory. This type of virus is particularly dangerous as it can infect the computer's operating system and spread to other files and programs. It can also be difficult to detect and remove, as it often hides itself and uses various techniques to avoid detection.Rate this question:
-
- 4.
What is a Polymorphic virus ?
- A.
A virus that infects executable program files and becomes active the memory
- B.
Type of virus uses techniques to avoid detection such as temporarily removing itself from infected files
- C.
Type of virus that is placed into the first sector of the hardrive so that when the computer boots the virus loads into memory
- D.
Type of virus that can change form each time it is executed . It was developed to avoid detection
Correct Answer
D. Type of virus that can change form each time it is executed . It was developed to avoid detectionExplanation
A polymorphic virus is a type of virus that can change its form each time it is executed. This ability allows the virus to avoid detection by antivirus software, as it constantly presents a different appearance. Polymorphic viruses were developed specifically to evade detection and make it difficult for antivirus programs to identify and remove them.Rate this question:
-
- 5.
What is a Macro Virus
- A.
Type of virus uses techniques to avoid detection such as temporarily removing itself from infected files
- B.
A virus that infects executable program files and becomes active the memory
- C.
Type of virus is inserted into a Microsoft Office document and email to the unsuspecting users.
- D.
Type of virus that can change form each time it is executed . It was developed to avoid detection
Correct Answer
C. Type of virus is inserted into a Microsoft Office document and email to the unsuspecting users.Explanation
A macro virus is a type of virus that is inserted into a Microsoft Office document and emailed to unsuspecting users. This type of virus takes advantage of the macros feature in Microsoft Office applications, which allows users to automate tasks. When the infected document is opened, the macro virus is activated and can spread to other documents or cause harm to the user's computer. This technique of spreading through email attachments makes it easier for the virus to reach a large number of users and increase its chances of infecting more systems.Rate this question:
-
- 6.
What is a Stealth Virus ?
- A.
Type of virus uses techniques to avoid detection, temporarily removes itself from an infected file or mask the file's size.
- B.
Type of virus uses techniques to avoid detection such as temporarily removing itself from infected files
- C.
Type of virus uses techniques to avoid detection such as temporarily removing itself from infected files
- D.
Type of virus is inserted into a Microsoft Office document and email to the unsuspecting users.
- E.
Type of virus that can change form each time it is executed . It was developed to avoid detection
Correct Answer
A. Type of virus uses techniques to avoid detection, temporarily removes itself from an infected file or mask the file's size.Explanation
A stealth virus is a type of virus that utilizes techniques to avoid detection. It is able to temporarily remove itself from an infected file or mask the file's size. This allows the virus to go undetected by antivirus software or other security measures. By hiding within the infected file, the stealth virus can continue to spread and carry out its malicious activities without being detected.Rate this question:
-
- 7.
What is a Multipartite virus?
- A.
Type of virus uses techniques to avoid detection such as temporarily removing itself from infected files
- B.
Type of virus that can change form each time it is executed . It was developed to avoid detection
- C.
Type of virus uses techniques to avoid detection such as temporarily removing itself from infected files
- D.
Type of virus that is a hybrid of a boot and a program viruses. It first attacks the boot sector and then attacks system files and or mask the file size.
Correct Answer
D. Type of virus that is a hybrid of a boot and a program viruses. It first attacks the boot sector and then attacks system files and or mask the file size.Explanation
A multipartite virus is a type of virus that combines characteristics of both boot and program viruses. It infects the boot sector of a computer's hard drive and then spreads to system files. It may also mask its file size to avoid detection. This type of virus is designed to be stealthy and difficult to remove, as it attacks multiple parts of the computer's operating system.Rate this question:
-
- 8.
Worms are similar in function and behavior to a virus with the exception worms are not self replicating. True or False
- A.
Worms are self replicating and it behaves just like a virus
- B.
Worms are not self replicating and is similar to a spyware /trojan
Correct Answer
A. Worms are self replicating and it behaves just like a virusExplanation
A. Worms are self replicating and are built to take advantage of of security holes in existing application. The idea o the worm is to find internet connectivity and jump from one pc to the next.Rate this question:
-
- 9.
What is a Trojan?
- A.
A program disguised as a useful application. Trojans do not replicate them like a viruses, but they can be destructive. Trojans perform functions without the users knowledge
- B.
Program that causes slowness and that will corrupt your internet explorer
- C.
Type of virus uses techniques to avoid detection such as temporarily removing itself from infected files
- D.
Program that causes slowness and that will corrupt your internet explorer
Correct Answer
A. A program disguised as a useful application. Trojans do not replicate them like a viruses, but they can be destructive. Trojans perform functions without the users knowledgeExplanation
A Trojan is a program that disguises itself as a useful application. Unlike viruses, Trojans do not replicate themselves, but they can still be destructive. Trojans are designed to perform functions without the user's knowledge, often causing harm or stealing sensitive information.Rate this question:
-
- 10.
What is Spy-ware?
- A.
Program that causes slowness and that will corrupt your internet explorer
- B.
Is a software program that communicates information from the user's computer
- C.
Type of virus that is a hybrid of a boot and a program viruses. It first attacks the boot sector and then attacks system files and or mask the file size.
- D.
Is a hardware program that communicates information from the user's computer .
Correct Answer
B. Is a software program that communicates information from the user's computerExplanation
Spyware is a software program that communicates information from the user's computer. It is designed to collect data without the user's knowledge or consent and transmit it to a third party. This can include personal information, browsing habits, and other sensitive data. Spyware can slow down the computer and may also corrupt the internet explorer, but its primary purpose is to gather and transmit information.Rate this question:
-
- 11.
What are RootKits?
- A.
Is a piece of software that can be installed and hidden on a computer mainly for the purpose of compromising the system and gaining escalated privileges.
- B.
Is a software program that communicates information from the user's computer
- C.
Program that causes slowness and that will corrupt your internet explorer
- D.
Type of virus uses techniques to avoid detection such as temporarily removing itself from infected files
Correct Answer
A. Is a piece of software that can be installed and hidden on a computer mainly for the purpose of compromising the system and gaining escalated privileges.Explanation
Rootkits are a type of malicious software that can be installed and concealed on a computer. Their main objective is to compromise the system and obtain elevated privileges. Rootkits are designed to operate covertly, making it difficult for users to detect their presence. They can be used by attackers to gain unauthorized access, control the system, and perform malicious activities without the user's knowledge.Rate this question:
-
- 12.
What is a Logic Bomb?
- A.
Is a virus or Trojan horse designed to execute malicious action when a certain event occurs or a period of time goes by.
- B.
Is a virus designed to execute malicious action when a certain event occurs or a period of time goes by.
- C.
A logic virus that is programed to make decisions on what files and boot sectors to attack.
- D.
Is a trojan horse designed to execute spy-ware and ad-ware actions when certain events occur during a 30 day window.
Correct Answer
A. Is a virus or Trojan horse designed to execute malicious action when a certain event occurs or a period of time goes by.Explanation
A logic bomb is a type of malicious software (virus or Trojan horse) that is programmed to execute a harmful action when a specific event or a certain period of time passes. It is designed to remain dormant until triggered, at which point it can cause damage to a computer system or network. This explanation aligns with the given correct answer.Rate this question:
-
- 13.
Bios passwords of laptops are a bit different that the passwords are usually flashed into firmware.
- A.
True . Passwords of laptops are a bit different and are usually part of firm ware.
- B.
False. Laptops are designed exactly the same as desktops.
Correct Answer
A. True . Passwords of laptops are a bit different and are usually part of firm ware.Explanation
Laptop BIOS passwords are typically stored in the firmware, which is a type of software that is permanently stored in hardware. This is different from regular passwords that are typically stored in the operating system or other software applications. The firmware is responsible for initializing the hardware components of the laptop and it is where the BIOS password is stored. This makes the BIOS password more difficult to bypass or reset, as it is stored at a lower level than regular passwords. Therefore, the statement "Passwords of laptops are a bit different and are usually part of firmware" is true.Rate this question:
-
- 14.
You have created a utility for deframenting hardrives. You have hidden code inside the utility that will install itself and cause the infection system to erase the hardrive contents on April 4, 2010. Which attack is used in this code?
- A.
Spoof virus
- B.
Logic Bomb
- C.
Trojan Horse
- D.
Malware
- E.
Root Kit
Correct Answer
B. Logic BombExplanation
A logic bomb is a type of malicious code that is intentionally inserted into a program or system with the purpose of causing harm at a specific time or when specific conditions are met. In this case, the hidden code inside the utility is programmed to trigger on April 4, 2010, and erase the contents of the hard drive. This demonstrates the characteristics of a logic bomb attack, as it is designed to execute a destructive action based on a specific event or condition.Rate this question:
-
- 15.
Java application is capable of installing and running on multiple platforms. Because Java is recompiled language a Java based mini-program is called
- A.
Mini script
- B.
Active X
- C.
Applet
- D.
Cookie
- E.
Temporary file
Correct Answer
C. AppletExplanation
Java applications are capable of installing and running on multiple platforms because Java is a recompiled language. A Java based mini-program that can be embedded in web pages and run on the client-side is called an applet. Applets are small applications that are written in Java and can be executed within a web browser. They provide interactive and dynamic content on websites, making them a suitable choice for creating interactive web pages.Rate this question:
-
- 16.
The client side environment support Java applet is referred to a:
- A.
Java script
- B.
Java virtual machine
- C.
Java resource
Correct Answer
A. Java scriptExplanation
The correct answer is Java script. Java applets are small programs written in the Java programming language that can be embedded into web pages. They are executed on the client side and require support from the client's environment. Java script is a scripting language that is commonly used in web development and can be used to interact with Java applets. Therefore, the client side environment support for Java applets is referred to as Java script.Rate this question:
-
- 17.
Early version of Java could be used to issue commands to the client system, allowing manipulation of the file and data files at will
- A.
True
- B.
False
Correct Answer
A. TrueExplanation
In the early versions of Java, it was possible to use the programming language to issue commands to the client system. This meant that developers had the ability to manipulate files and data files on the client system as they pleased. Therefore, the statement that early versions of Java could be used to issue commands to the client system and manipulate files and data files at will is true.Rate this question:
-
- 18.
Early version of JVM (Java Virtual Machine) allowed Java applets to redirect the browser and create connection to other host without the users knowledge.
- A.
True
- B.
False
Correct Answer
A. TrueExplanation
The early version of JVM allowed Java applets to redirect the browser and create connections to other hosts without the user's knowledge. This means that Java applets had the ability to manipulate the browser and establish connections to external hosts without the user's consent or awareness. This could potentially lead to security vulnerabilities and unauthorized access to user data.Rate this question:
-
- 19.
Java is a complied language that can lead to the execution of arbitrary command or direct manipulation of data, while Java Script is a client side interpreted language that mainly poses privacy related vulnerability issues.
- A.
True
- B.
False
Correct Answer
A. TrueExplanation
Java is a compiled language, meaning that the code is first converted into bytecode, which is then executed by the Java Virtual Machine (JVM). This allows Java to have more control over the execution of commands and direct manipulation of data. On the other hand, JavaScript is a client-side interpreted language, which means that the code is executed directly by the web browser. This can lead to potential security vulnerabilities, particularly related to privacy issues. Therefore, the statement that Java can lead to the execution of arbitrary commands or direct manipulation of data, while JavaScript poses privacy-related vulnerability issues, is true.Rate this question:
-
- 20.
________________ are files that may be used to maintain data such as user settings between visits to the same site or multiple days, or to track browsing habits such as those used by sites.
Correct Answer
Active X
Cookies
Temporary filesExplanation
Cookies are known as small files that maintain data between visits.Rate this question:
- 21.
What is CGI?
- A.
Cable Gateway Interface
- B.
Common Gate Intermediate
- C.
Common Gateway Interface
Correct Answer
C. Common Gateway InterfaceExplanation
The correct answer is Common Gateway Interface. CGI is a standard protocol that allows web servers to interact with external programs or scripts. It enables dynamic content generation and facilitates communication between the web server and the program that processes user requests. CGI is commonly used to create interactive web applications and handle form submissions on websites.Rate this question:
-
- 22.
The common gateway interface (CGI) is a standard way for a Web server to pass a Web user's request to an application program and to receive data back to forward to the user.
- A.
True
- B.
False
Correct Answer
A. TrueExplanation
The common gateway interface (CGI) is indeed a standard method used by web servers to transmit a user's request to an application program and then receive data back from the program to send it back to the user. This allows web servers to interact with dynamic web applications and generate dynamic content for users. Therefore, the statement "True" is the correct answer.Rate this question:
-
- 23.
Most CGI- (Common Gateway Interface) exploits are In two general categories:
- A.
CGI scripts may leak information about the server
- B.
CGI allow scripts to be downloaded and and remove boot sectors on servers.
- C.
CGI scripts used to process user input data may be exploited to execute unwanted commands and server
- D.
CGI allows Trojans and spy-ware to launch directly on server causing network issues.
Correct Answer(s)
A. CGI scripts may leak information about the server
C. CGI scripts used to process user input data may be exploited to execute unwanted commands and serverExplanation
CGI scripts may leak information about the server, such as sensitive server configurations or database credentials. This can be exploited by attackers to gain unauthorized access to the server or to gather information for further attacks. Additionally, CGI scripts used to process user input data may be vulnerable to command injection attacks, where an attacker can execute arbitrary commands on the server by manipulating the input data. This can lead to unauthorized access, data theft, or disruption of server operations.Rate this question:
-
- 24.
What is SSL?
- A.
Security Socket Layer
- B.
Support Socket Layer
- C.
Secure Socket Layer
- D.
System Socket Layer
Correct Answer
C. Secure Socket LayerExplanation
SSL- Secure Socket Layer- Think of SecurityGuard, EyeSocket, and Cake Layer. SSLRate this question:
-
- 25.
_________________ is a commonly-used protocol for managing the security of a message transmission on the Internet.Uses a program layer located between the internet hypertext HTTP.
- A.
Secure Socket Layer
- B.
System Socket Layer
- C.
Security Socket Layer
- D.
Support Socket Layer
Correct Answer
A. Secure Socket LayerExplanation
The correct answer is Secure Socket Layer. It is a commonly-used protocol for managing the security of a message transmission on the Internet. It uses a program layer located between the internet hypertext HTTP to ensure secure communication between the client and the server.Rate this question:
-
- 26.
What is session hijacking?
- A.
Gaining access to a user's pc using remote session.
- B.
In computer science, session hijacking refers to the exploitation of a valid computer session—sometimes also called a session key—to gain unauthorized access to information or services in a computer system. ...
- C.
Creating a VPN link without the user's permission and creating a log and password.
Correct Answer
B. In computer science, session hijacking refers to the exploitation of a valid computer session—sometimes also called a session key—to gain unauthorized access to information or services in a computer system. ...Explanation
Session hijacking refers to the unauthorized access of information or services in a computer system by exploiting a valid computer session or session key. It involves gaining control of a user's session without their permission and using it to access sensitive data or perform unauthorized actions. This can be done by intercepting and manipulating session cookies, session IDs, or other session tokens. Session hijacking is a serious security threat that can lead to data breaches and unauthorized access to user accounts.Rate this question:
-
- 27.
A buffer overflow can result in the following ? (Select all that apply)
- A.
Overwriting of data or memory settings
- B.
A denial of service due to an overload the input buffer's ability to cope with additional data.
- C.
Computer crashes with CPU space using 100%
- D.
Data is lost due to infection and inoperable
- E.
The originator can execute arbitrary code, often at a privileged level.
Correct Answer(s)
A. Overwriting of data or memory settings
B. A denial of service due to an overload the input buffer's ability to cope with additional data.
E. The originator can execute arbitrary code, often at a privileged level.Explanation
A buffer overflow can result in overwriting of data or memory settings, which means that the excess data can overwrite important information stored in the memory, leading to unpredictable behavior or system crashes. It can also cause a denial of service by overwhelming the input buffer's capacity to handle additional data, causing the system to become unresponsive. Additionally, a buffer overflow can allow the originator to execute arbitrary code, often at a privileged level, which can lead to unauthorized access or control of the system.Rate this question:
-
- 28.
A program or piece of code that runs on your computer with your knowledge. It is designed to attach itself to other codes and replicate.
- A.
Spyware
- B.
Trojan
- C.
Boot sector
- D.
Malware
- E.
Adware
Correct Answer
D. MalwareExplanation
The program or piece of code you're describing is commonly known as "malware." Malware is malicious software that is created to infiltrate computer systems, replicate itself, and perform various harmful actions without the user's knowledge or consent. Malware can come in various forms, such as viruses, worms, Trojans, ransomware, spyware, and adware, each with its own specific functions and methods of propagation. It is essential to have antivirus software and practice safe computing habits to protect your computer and data from malware infections.Rate this question:
-
- 29.
Bots, short for Robot, are automated computer programs that require user interaction and cannot be controlled by outside sources. Bots do not provide a venue for spam or virus propagation.
- A.
True
- B.
False
Correct Answer
B. FalseExplanation
The statement is false because bots, short for robots, are automated computer programs that can operate without direct user interaction. They can be controlled by outside sources, and unfortunately, some bots are designed for malicious purposes, providing a venue for activities such as spamming or spreading viruses. Therefore, the given statement inaccurately suggests that bots do not operate without user interaction or that they cannot be controlled externally, and it overlooks the potential for misuse.Rate this question:
-
- 30.
A vulnerability in the Bios can allow local users to cause which of the following: (Select all that apply)
- A.
Hard drive failure
- B.
System not to boot
- C.
System to lock up
- D.
DOs ( Denial of Service)
- E.
Complete root kit virus
Correct Answer(s)
B. System not to boot
D. DOs ( Denial of Service)Explanation
A vulnerability in the Bios can allow local users to cause the system not to boot or result in a Denial of Service (DoS) attack. This means that the local users can exploit the vulnerability to prevent the system from starting up properly or cause it to become unresponsive, effectively denying access to legitimate users. This can be a serious security concern as it can disrupt normal operations and potentially lead to data loss or system downtime.Rate this question:
-
Quiz Review Timeline +
Our quizzes are rigorously reviewed, monitored and continuously updated by our expert board to maintain accuracy, relevance, and timeliness.
-
Current Version
-
Feb 02, 2024Quiz Edited by
ProProfs Editorial Team -
Aug 11, 2010Quiz Created by
Tremeko
Back to top